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DETAILED ACTION 

1. Claims 1-20, 23-51 have been examined. 



Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-7, 9-10, 12-17, 19, 23-28, 30-36, 38-39, 41-46, 48, and 50 are rejected 
under 35 U.S.C. 103(a) as being unpatentable over Jilk, Jr. et al United States Patent 
Application Publication No. 2002/0010746 (hereinafter "Jilk"), and further in view of 
Dusse et al RFC 231 1 (hereinafter "Dusse"). 

4. Jilk teaches a system for requesting web pages through a forms format over 
electronic mail, wherein containers are generated and sent between applications, but 
fails to explicitly teach certificate exchange for secure communications of these web 
pages. 

5. However, in related art, Dusse teaches a system for secure container type 
attachments (S/MIME), wherein certificates are automatically exchanged between 
parties for purposes of secure communications. It is an advantageous feature within 
web communications to be able to provide for secure communications of content 
wherein the nature of the content is not limited by sensitivity of the material being 
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communicated since protection is afforded by cryptographic techniques (Dusse pg 1 
lines 8-25; Jilk paragraphs 12-16). 

6. It would have been obvious to one of ordinary skill in the art at the time of the 
applicant's invention to combine the systems of Jilk and Dusse to allow for reception of 
all web content including such content that is typically secure by implementing the 
secure communications of Dusse into Jilk. 

7. Regarding Claim 1 : First application to generate a first container object with a 
recognizable container type which is associated with the first application (Jilk Figs 3, 4, 
7, 8, 10, paragraphs 17-18, 21 , 23, 97) The MIME format provides for a first application 
embedded within a second (email client). As stated by Jilk an initial web page is trans- 
coded placed into the email and sent to a client, the client receives such a message via 
an email application and browses/interacts with the content via the provided extensions. 
Containing a sender's certificate or request for a recipient's (Dusse pg 21 lines 28-38, 
pg 22 lines 1-2; Jilk Figs 3b, 10, 12, paragraphs 97) 

Using a second application distinct from the first to transmit the container to a recipient's 
address (Jilk Fig 3b, paragraph 96 lines 9-30, 97) The system of Jilk provides for 
sending the container via email, the email is distinct from the functionality of the mime 
container and the trans-coded web page 

obtaining a second container object having the same type as the first from the second 
application (Jilk Fig 3b paragraph 97) Jilk provides for typical web page 
communications over email, wherein a request is made for an additional page a second 
container is received containing that page. 



Application/Control Number: 1 0/072,260 Page 4 

Art Unit: 2134 . 

automatically identify and extract one or more certificates (Dusse sections 2.4.2 - 2.5, 
2.6.1, pg 9 section 3-pg 10 3.1, pg 1, pg 21 line 28 - pg 22 line 2; 2312 section 2.3, pg 
6-7 section 4) From the discussion of Dusse, which states that "S/MIME can be used in 
automated message transfer agents that use crypto security services that do not require 
human intervention" and that such services as encryption and non-repudiation are 
provided by S/MIME. The reception of an initial message dictates that a certificate is 
provided to the client so that the content may be decrypted. As described by rfc 2312 a 
message is provided and signed that contains the certificate and a request for the 
recipients certificate. This functionality is clearly included within the initial message of 
the Jilk system as is necessary to facilitate communications. 
8. Regarding Claim 2: Receive input from sender specifying recipient's address 
(Jilk Fig 3b, 18, paragraph 96 lines 9-30, 88, 97) As within any typical email message 
the system must provide for the destination or recipient with which the communication is 
desired, in the instant case such a recipient is determined from the database or from a 
received request. 

Specifying one or more certificates of the sender (Dusse sections 2.4.2 - 2.5, 2.6.1 , pg 
9 section 3 - pg 10 3.1, pg 1, pg 21 line 28 -pg 22 line 2; 2312 section 2.3, pg 6-7 
section 4) The process of public key encryption wherein the services are used for 
signing and encrypting dictate that the signing functionality requires a certificate of the 
sender to be included so that the recipient may authenticate, furthermore, the protocol 
for S/MIME dictates that upon initial communication a signed certificate is sent in a 
message. 
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9. Regarding Claims 3, 10, 15 and 19: transmitting/receiving the container by 
electronic mail (Jilk paragraphs 23-24, 96 lines 9-30, 97) 

Transmitting/receiving by HTTP (Jilk Fig 1 , paragraphs 23-24) As stated above the 
system provides for electronic mail over the internet. As it is known electronic mail is 
not confined to a single method but is provided for in many ways. Electronic mail is 
available over the internet via web-based email services such as Yahoo.com for 
example. In such an exemplary situation the container or message is communicated 
over HTTP to the end user for viewing, as such providing for transmission by HTTP. 
Furthermore, Jilk provides for request via a web browser, which would then define the 
container as a request over HTTP. 

Transmitted/Received via a networked server (Jilk Fig 1, paragraphs 23-24, 96 lines 9- 
30, 97) The communications of Jilk are initiated by a server as seen in fig 1 and in 
paragraph 97. 

Transmitting the recipients certificate back to the sender (Dusse sections 2.4.2 - 2.5, 
2.6.1 -2.6.2.4, pg 9 section 3 - pg 10 3.1, pg 1, pg 21 line 28 - pg 22 line 2; 2312 
section 2.3, pg 6-7 section 4) The process of negotiating encryption between the two 
entities requires knowledge of a recipient's certificate, specifically section rfc 231 1 and 
2312 sections 2.3 and 4 state that a sending agents should include certificates for the 
public keys. From those passages it is clear that initial communications mandate the 
sender providing a certificate and a reply thereto containing the certificate of the 
recipient (send of the reply). 



Application/Control Number: 10/072,260 Page 6 

Art Unit: 2134 

10. Regarding Claim 4: First container object generated by a server (Jilk Fig 1) In 
the embodiment discussed in Fig 3b the server initiates the first container. 

1 1 . Regarding Claims 5 and 16: Determine if user has multiple certificates; Receive 
input selecting one or more of the multiple certificates; Retrieve the selected certificates 
from a database (Dusse 2312 pg 3-4 section 2.3, pg 6-7 section 4) Clearly selection of 
the recipients appropriate certificate is required when sending a page from the sender. 
As disclosed in rfc 2312 by discussion of a database for particular recipients and there 
associated certs. 

Include the selected certificates in the container object (Dusse 2312 pg 3-4 section 2.3, 
pg 6-7 section 4) As noted the certificates are incorporated into the container 
(message). 

12. Regarding Claim 6: receive input from sender specifying a return address (Jilk 
Fig 3b, 7, 18, paragraphs 97, 116, 121) The functionality of an electronic mail system 
requires the sender's address to be incorporated into the outgoing message, and in 
some cases the user may present an alternate reply address as outlined. 
Instructions for returning recipient's certificate (Dusse 2312 pg 3-4 section 2.3, pg 6-7 
section 4) The instructions for returning the certificate are simply the request itself and 
the return address as provided. 

Include address and instructions in the first container object (Dusse pg 21 line 28 - pg 
22 line 2, 2312 pg 3-4 section 2.3, pg 6-7 section 4) The implementation of S/MIME 
dictates that a return of a certificate occurs in a first message from that entity. 
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13. Regarding Claims 7, 17, and 22: object validation information to be used to 
validate the certificate (Dusse sections 2.4.2-2.5, pg 21 line 28 - pg 22 line 2; 2312 pg 
3-4 section 2.3, pg 6-7 section 4, section 4.2 pgs 7-8) Along with any provided 
certificate there must be validation information as is the functional structure of such an 
item to allow the client to authenticate such means. This is provided generally by way 
of singing the certificate/message with the private key of the sending party and 
authenticating that with the public key, as common practice dictates. 

14. Regarding Claim 9: Receive a container from a second instance of the 
application having a recognizable type (Jilk Figs 3b, 7a, 18, paragraphs 23-24, 87-88, 
91, 96 lines 9-30, 97, 100-102) Jilk provides for a server sending a secure web-page 
via email, a user receiving such an email, and through browsing such content, 
replying(requesting) additional pages and thus sending a message with container back 
to the server and receiving another email in reply. 

MIME container type; automatically obtaining the container from the first application (Jilk 
Fig 7a, 9, 18, paragraph 23, 121; Dusse pg 1) The email functionality automatically 
receives the container upon execution by the user of a submission or request for an 
additional page; The server provides such functionality automatically upon trans- 
coding. 

Recognize the container may include a certificate; Automatically determine if the 
container object contains a certificate of the sender (Dusse sections 2.4.2-2.5, pg 21 
line 28 - pg 22 line 2; 2312 pg 3-4 section 2.3, pg 6-7 section 4, section 4.2 pgs 7-8) 
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The logical process of validating the sender determines if a certificate is present as is 
automatically determined within the system. 

15. Regarding Claim 12: If certificate is valid, extract and store certificate (Dusse 
2312 pg 3-4 section 2.3, pg 6-7 section 4, section 4.2 pgs 7-8) The certificate if 
validated allows for reading of the message and decryption of the encrypted content 
and thus it is stored within the memory of the system. In the event a message does not 
authenticate it would not be retained since an invalid message serves no purpose but to 
waste resources of the system. Additionally, as discussed by Dusse a database is 
supplied with the listing of certificates for known entities, thus a recipient clearly stores 
valid certificates. 

16. Regarding Claims 13, 50: Automatically determine if the first container object 
has a request for a recipient's certificate (Dusse 2312 pg 3-4 section 2.3, pg 6-7 section 
4, section 4.2 pgs 7-8) As discussed previously a response is constructed as a second 
message with the certificate of the recipient when initial communications determine that 
no certificate is known. 

17. Regarding Claim 14: Generate a second container including a certificate of the 
recipient; Extract a return address from the first container and transmit second container 
to that address (Jilk Fig 3-4, 7a, 9, 18, paragraph 23-24, 96-98, 121; Dusse 2312 pg 3-4. 
section 2.3, pg 6-7 section 4, section 4.2 pgs 7-8) As noted the certificate is included in 
a reply to the sender's request; The structure of the message as outlined previously 
provides for a return address. A second container is generated in accordance with an 
additional request of the initial container for a new page or service. 
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18. Claims 23-28, 30-36, 38-39, 41-46, 48 are a computer program product 
instruction and method implementation of claims 1-7, 9-10, 12-17, 19, and as such are 
rejected on the same basis. 

19. Claims 8, 11, 18, 20, 29, 37, 40, 47, 49, and 51 as best understood are rejected 
under 35 U.S.C. 103(a) as being unpatentable over Jilk and Dusse as applied to claim 
1 , and further in view of The PDF Reference, Second Edition. 

20. Jilk and Dusse teach a system as in claim 1 for the exchange of certificates via 
electronic mail via secure communications of web pages that contain forms, but fail to 
teach the use of Forms Data Format. 

21 . The PDF Reference, Second Edition teaches the use of The Forms Data Format 
for submission and retrieval of information (pg 485 lines 1-26) via a server. 

22. Separating out extra information from a message and forming it into a common 
file layout is a desirable feature since this process adds cross-platform compatibility and 
the advantages of increased security by allowing further methods of protecting the given 
data and additionally adding further functionality through the ability to append such a file 
to any message format. 

23. It would have been obvious to one skilled in the art at the time of the applicant's 
invention to combine the Forms Data Format of the PDF Reference, Second Edition 
with the system outlined by Jilk and Dusse. The added functionality and security 
features that are obtained from such a combination being desirable advantages within 
such a communications system. 
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Response to Arguments 

24. Applicant's arguments filed 7/14/2006 with respect to claims 1-20, 23-51 have 
been considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

25. RFC 2312 and 231 1 are used herein as definitions of the S/MIME message 
format. RFC 231 1 has been referred to as Dusse without further indication while RFC 
2312 has been referred to as 2312 since the authors of both RFC's are the same. 

26. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Applicant is reminded that in amending in response to a rejection 
of claims, the patentable novelty must be clearly shown in view of the state of art 
disclosed by the references cited and the objections made. Applicant must show how 
the amendments avoid such references and objections. See 37 CFR 1.111(c). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Thomas Szymanski whose telephone number is 571- 

272- 8574. The examiner can normally be reached on M-F 8-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jacques Louis-Jacques can be reached on 571-272-6962. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 

273- 8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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